A security policy adopted by an organization may require restricting users' access to various documents, software programs, etc. The organization may implement the security policy by imposing access control policies with respect to various computing resources, such as folders, data and executable files, databases, libraries, etc.